Vulnerabilities > Huawei > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8776 | Improper Authorization vulnerability in Huawei P9 Firmware and P9 Lite Firmware Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. | 2.1 |
| 2016-09-27 | CVE-2016-4058 | Cross-site Scripting vulnerability in Huawei Policy Center V100R003C00/V100R003C10 Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special characters on pages." | 3.5 |
| 2016-09-07 | CVE-2016-6900 | Resource Management Errors vulnerability in Huawei products The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 allows local users to cause a denial of service (iBMC resource consumption) via unspecified vectors. | 2.1 |
| 2016-07-12 | CVE-2016-5850 | Cross-site Scripting vulnerability in Huawei Public Cloud Solution Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2016-06-30 | CVE-2016-4086 | Security Bypass vulnerability in Huawei HiSuite Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors. | 2.9 |
| 2016-01-15 | CVE-2015-8675 | Credentials Management vulnerability in Huawei S5300 Firmware V200R005C02 Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display. | 2.1 |
| 2016-01-08 | CVE-2015-8303 | Information Exposure vulnerability in Huawei Document Security Management V100R002C03Spc005 Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file. | 2.1 |
| 2014-12-24 | CVE-2014-9415 | Improper Input Validation vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03 Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file. | 1.9 |
| 2014-12-24 | CVE-2014-9417 | Improper Input Validation vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03 The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image. | 2.1 |
| 2014-12-24 | CVE-2014-9418 | Buffer Errors vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03/V200R001C03 The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors. | 2.1 |